How to force the use of Diffie Hellman Key Exchange

I want to create a TLS Socket connection. I know TLS has a few ways to exchange the key eg. RSA, Diffie-Hellman, etc. How can I force the use of Diffie-Hellman key exchange instead of other forms of key exchange?

I know that if using Diffie-Hellman key exchange, it is vulnerable to man-in-middle attack. When using RSA, we have server authentication which prevents MITM. But one concern I have is that using RSA prohibits the forward secrecy.

The anonymous cipher suites (_DH_anon_) are the ones that are vulnerable to MITM attacks.

The _DH_RSA_ or _DH_DSA_ cipher suites also use RSA or DSA for the authentication of the DH key exchange (not for the key exchange itself), to prevent MITM attacks. In addition, the Ephemeral DH cipher suites (those that contain _DHE_, or _ECDHE_ for the elliptic curve variant) provide Perfect Forward Secrecy. (The non-ephemeral _DH_RSA_ or _DH_DSA_ cipher suites are not supported by the Sun JSSE provider anyway.)

Email codedump link for How to force the use of Diffie Hellman Key Exchange